From 233c0ade42a097a296071e9db89267517e0ea76d Mon Sep 17 00:00:00 2001 From: Michael Pietsch Date: Fri, 5 Jul 2024 00:16:20 +0200 Subject: [PATCH 1/2] Update GeoIP update to support authentication by account id+license key --- mailscanner/geoip_update.php | 56 ++++++++++++++++++------------------ 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/mailscanner/geoip_update.php b/mailscanner/geoip_update.php index 3ea036241..d85a49f61 100644 --- a/mailscanner/geoip_update.php +++ b/mailscanner/geoip_update.php @@ -1,6 +1,6 @@ ' . "\n"; exit($error_message); } elseif (!isset($_POST['run'])) { @@ -55,15 +55,13 @@ ' . "\n"; } else { - require_once __DIR__ . '/lib/request/Requests.php'; - Requests::register_autoloader(); - ob_start(); echo __('downfile15') . '
' . "\n"; - $files_base_url = 'https://download.maxmind.com'; + $urlSchema = 'https://'; + $downloadServer = 'download.maxmind.com'; $file['description'] = __('geoip15'); - $file['path'] = '/app/geoip_download?edition_id=GeoLite2-Country&suffix=tar.gz&license_key=' . MAXMIND_LICENSE_KEY; + $file['path'] = '/geoip/databases/GeoLite2-Country/download?suffix=tar.gz'; $file['destination'] = __DIR__ . '/temp/GeoLite2-Country.tar.gz'; $file['destinationFileName'] = 'GeoLite2-Country.mmdb'; @@ -80,30 +78,27 @@ if (!file_exists($file['destination'])) { if (is_writable($extract_dir) && is_readable($extract_dir)) { if (function_exists('fsockopen') || extension_loaded('curl')) { - $requestSession = new Requests_Session($files_base_url . '/'); - $requestSession->options['useragent'] = 'MailWatch/' . mailwatch_version(); - if (USE_PROXY === true) { + $ch = curl_init($urlSchema . $downloadServer . $file['path']); + curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); + curl_setopt($ch, CURLOPT_USERNAME, MAXMIND_ACCOUNT_ID); + curl_setopt($ch, CURLOPT_PASSWORD, MAXMIND_LICENSE_KEY); + curl_setopt($ch, CURLOPT_USERAGENT, 'MailWatch/' . mailwatch_version()); + if (defined('USE_PROXY') && USE_PROXY === true) { + curl_setopt($ch, CURLOPT_PROXY, PROXY_SERVER); + curl_setopt($ch, CURLOPT_PROXYPORT, PROXY_PORT); if (PROXY_USER !== '') { - $requestSession->options['proxy']['authentication'] = [ - PROXY_SERVER . ':' . PROXY_PORT, - PROXY_USER, - PROXY_PASS, - ]; - } else { - $requestSession->options['proxy']['authentication'] = [ - PROXY_SERVER . ':' . PROXY_PORT, - ]; + curl_setopt($ch, CURLOPT_PROXYUSERPWD, PROXY_USER . ':' . PROXY_PASS); } switch (PROXY_TYPE) { case 'HTTP': case 'CURLPROXY_HTTP': // BC for old constant name - // $requestProxy = new Requests_Proxy_HTTP($requestProxyParams); - $requestSession->options['proxy']['type'] = 'HTTP'; + curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_HTTP); break; case 'SOCKS5': case 'CURLPROXY_SOCKS5': // BC for old constant name - $requestSession->options['proxy']['type'] = 'SOCKS5'; + curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5); break; default: exit(__('dieproxy15')); @@ -111,13 +106,18 @@ } try { - $requestSession->options['filename'] = $file['destination']; - $result = $requestSession->get($file['path']); - if (true === $result->success) { + $fpDestinationFile = fopen($file['destination'], 'w'); + curl_setopt($ch, CURLOPT_FILE, $fpDestinationFile); + curl_exec($ch); + if (empty(curl_error($ch))) { echo $file['description'] . ' ' . __('downok15') . '
' . "\n"; + } else { + echo __('downbad15') . ' ' . $file['description'] . __('colon99') . ' ' . curl_error($ch) . "
\n"; } - } catch (Requests_Exception $e) { - echo __('downbad15') . ' ' . $file['description'] . __('colon99') . ' ' . $e->getMessage() . "
\n"; + } catch (Exception $e) { + echo __('downbad15') . ' ' . $file['description'] . __('colon99') . ' ' . curl_error($ch) . "
\n"; + } finally { + fclose($fpDestinationFile); } ob_flush(); @@ -137,7 +137,7 @@ } } - $command = escapeshellcmd('wget ' . $proxyString . ' -N ' . $files_base_url . $file['path'] . ' -O ' . $file['destination']); + $command = escapeshellcmd('wget ' . $proxyString . ' -N ' . $urlSchema . MAXMIND_ACCOUNT_ID . ':' . MAXMIND_LICENSE_KEY . '@' . $downloadServer . $file['path'] . ' -O ' . $file['destination']); $result = exec( $command, $output_wget, From 0aca6cd82f359972186a6345eeb449fccbd3970f Mon Sep 17 00:00:00 2001 From: Michael Pietsch Date: Fri, 5 Jul 2024 00:29:50 +0200 Subject: [PATCH 2/2] add MAXMIND_ACCOUNT_ID to config options --- mailscanner/conf.php.example | 1 + mailscanner/functions.php | 1 + 2 files changed, 2 insertions(+) diff --git a/mailscanner/conf.php.example b/mailscanner/conf.php.example index 1ba6fb046..cf9ab5385 100644 --- a/mailscanner/conf.php.example +++ b/mailscanner/conf.php.example @@ -53,6 +53,7 @@ define('SESSION_TIMEOUT', 600); // A free license key from MaxMind is required to download GeoLite2 data // https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/ // define('MAXMIND_LICENSE_KEY', 'mylicensekey'); +// define('MAXMIND_ACCOUNT_ID', 'myaccountid'); // Database settings // diff --git a/mailscanner/functions.php b/mailscanner/functions.php index 6f9ca94ed..5f14fd7b1 100644 --- a/mailscanner/functions.php +++ b/mailscanner/functions.php @@ -4297,6 +4297,7 @@ function checkConfVariables() 'IMAP_HOST' => ['description' => 'IMAP host to be used for user authentication'], 'IMAP_AUTOCREATE_VALID_USER' => ['description' => 'enable to autorcreate user from valid imap login'], 'MAXMIND_LICENSE_KEY' => ['description' => 'needed to download MaxMind GeoLite2 data'], + 'MAXMIND_ACCOUNT_ID' => ['description' => 'needed to download MaxMind GeoLite2 data'], 'QUARANTINE_DAYS_TO_KEEP_NONSPAM' => ['description' => 'to have quarantine keeping days independently configured for nonspam mails'], ];